| Author |
Message
|
| Knut |
 Posted: Thu May 10, 2012 12:44 am Post subject: Who is puting messages to my deadletter queue? |
 |
|
Newbie
Joined: 27 May 2009
Posts: 6
|
Dear Madam/Sir
In one of our Aceptance systems messages turns up on the dead-letter queue from time to time. Since they have a MQSTR format - no DLH that can give any information - I suspect that some client application writes directly to the deadletter queue.
I wonder if any of you MQ gurus have some tricks that I can use to find out who the "bad guy" is?
Would the output from dmpmqlog give any information of where the messages are coming from - like ip-adress, application name ...
Best regards
Knut |
|
| Back to top |
|
 |
| zpat |
| Posted: Thu May 10, 2012 1:09 am Post subject: |
|
|
Jedi Council
Joined: 19 May 2001
Posts: 5866
Location: UK
|
| Look at the MQMD of the message - it will have putapplname, putappltype fields. |
|
| Back to top |
|
|
| exerk |
| Posted: Thu May 10, 2012 1:13 am Post subject: |
|
|
Jedi Council
Joined: 02 Nov 2006
Posts: 6339
|
Within the MQMD will be ID of the application putting the message. Identify the user, and trout the developer who is too lazy to specify an application 'dump' queue instead of the DLQ.
_________________
It's puzzling, I don't think I've ever seen anything quite like this before...and it's hard to soar like an eagle when you're surrounded by turkeys. |
|
| Back to top |
|
|
| Knut |
| Posted: Thu May 10, 2012 1:33 am Post subject: |
|
|
Newbie
Joined: 27 May 2009
Posts: 6
|
Thank you for the response 
Sinec the MQMD didn't mgive me much info apart from the PutApplName : WebSphere MQ Client for Java
I wonder if there are some more specific info burried somewhere deeper inside the logfiles?
Best regards
Knut |
|
| Back to top |
|
|
| Mr Butcher |
| Posted: Thu May 10, 2012 2:15 am Post subject: |
|
|
Padawan
Joined: 23 May 2005
Posts: 1716
|
maybe you can find out by the payload data?
do you use linear logging? (dont think a circular log will help). if so, you may just try the dmpmqlog and see what you find.
i am brainstroming about a method to trap that one, but did not find anything so far that i think would work (e.g. triggering DLQ and issue display commands, mq trace, set specific security, .....)
_________________
Regards, Butcher |
|
| Back to top |
|
|
| exerk |
| Posted: Thu May 10, 2012 3:53 am Post subject: |
|
|
Jedi Council
Joined: 02 Nov 2006
Posts: 6339
|
| Knut wrote: |
| Since the MQMD didn't give me much info apart from the PutApplName : WebSphere MQ Client for Java |
Get a wooden baseball bat, some rusty six-inch nails, and a hammer. Use the hammer to bash the nails into the baseball bat, then use the baseball bat to 'educate' the idiot Java developer who's too lazy to code properly!
On a more serious note, set authority to the DLQ such that no applications can use it, then see who complains that their app is having problems 
_________________
It's puzzling, I don't think I've ever seen anything quite like this before...and it's hard to soar like an eagle when you're surrounded by turkeys. |
|
| Back to top |
|
|
| mqjeff |
| Posted: Thu May 10, 2012 4:42 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
| you might also write a little script that dumps out dis conn(*) every five minutes to see if you can catch someone in the act. |
|
| Back to top |
|
|
| Vitor |
| Posted: Thu May 10, 2012 5:24 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| exerk wrote: |
| On a more serious note, set authority to the DLQ such that no applications can use it, then see who complains that their app is having problems |
There's no good reason for an application to be using the DLQ. If they've got problem messages they need to dump someplace define a backout queue for them.
I'd also agree looking at the payload data could help. "MQ Client for Java" could be a support pac or similar that the Acceptance testers are using rather than an application per se.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| hal |
| Posted: Thu May 10, 2012 11:12 am Post subject: |
|
|
Acolyte
Joined: 07 Dec 2005
Posts: 67
Location: New York City, New York
|
| I suggest using BlockIP2 to log all your WebSphere MQ Client connections. That way you can obtain remote connection details including connect/disconnect timestamps, channel names, accounts and IP addresses. |
|
| Back to top |
|
|
| Knut |
| Posted: Fri May 11, 2012 6:32 am Post subject: |
|
|
Newbie
Joined: 27 May 2009
Posts: 6
|
The bugger is found 
Turns out that Jboss program writes to the DLQ when it get's into trouble.
Many thanks to all of you
Best regards Knut |
|
| Back to top |
|
|
| zpat |
| Posted: Fri May 11, 2012 6:44 am Post subject: |
|
|
Jedi Council
Joined: 19 May 2001
Posts: 5866
Location: UK
|
| hal wrote: |
| I suggest using BlockIP2 to log all your WebSphere MQ Client connections. That way you can obtain remote connection details including connect/disconnect timestamps, channel names, accounts and IP addresses. |
That can help.
Using MO71 (or MQ explorer) and "queue usage" or "queue status" will show currently connected applications on a queue. |
|
| Back to top |
|
|
| hal |
| Posted: Fri May 11, 2012 8:49 am Post subject: |
|
|
Acolyte
Joined: 07 Dec 2005
Posts: 67
Location: New York City, New York
|
Unfortunately, automatic logging of WebSphere MQ Client connections was left out of the WebSphere MQ 7.1 security enhancements. But BlockIP2 can easily be configured to continually dump those details to individual files without having to periodically poll using netstat, runmqsc, PCF commands, graphical user interface tools, etc. A BlockIP2 log snippet looks like,
2012-05-11|07:10:01|Connection accepted, Channel [WMQCLIENT.SVRCONN] ConName [999.88.77.6] Flags [BlockMqmUsers=Y ] User [culprit]
2012-05-11|07:18:12|Channel closed [WMQCLIENT.SVRCONN] Connection Name [999.88.77.6] You can also write your own API/channel exit or use the MA0W or MA0Z SupportPacs. Make sure that your solution is noninvasive and does not consume excessive system resources; always stress test exits in a development environment before deploying to production. |
|
| Back to top |
|
|
| Vitor |
| Posted: Fri May 11, 2012 9:30 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| Knut wrote: |
The bugger is found
Turns out that Jboss program writes to the DLQ when it get's into trouble.
|
Be Sure Your Sin Will Find You Out.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
|
|
